3351 matches found
NetRisk 1.9.7 - 'index.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/27136/info netRisk is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code on an affected computer with the privileges of the webserver...
NetRisk 1.9.7 - index.php Remote File Inclusion
NetRisk 1.9.7 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/27136/info netRisk is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code on an affect...
WordPress 2.2.3 - wp-adminpost.php?popuptitle Cross-Site Scripting
WordPress 2.2.3 - wp-adminpost.php?popuptitle Cross-Site Scripting source: https://www.securityfocus.com/bid/27123/info WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
ExpressionEngine 1.2.1 - HTTP Response Splitting / Cross-Site Scripting
source: https://www.securityfocus.com/bid/27128/info ExpressionEngine is prone to an HTTP-response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in...
Rotabanner Local 2/3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/27138/info Rotabanner Local is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
LiveCart 1.0.1 - return Cross-Site Scripting (2)
LiveCart 1.0.1 - return Cross-Site Scripting 2 source: https://www.securityfocus.com/bid/27087/info LiveCart is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code ...
LiveCart 1.0.1 - 'return' Cross-Site Scripting (2)
source: https://www.securityfocus.com/bid/27087/info LiveCart is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
MilliScripts - dir.php Cross-Site Scripting
MilliScripts - dir.php Cross-Site Scripting source: https://www.securityfocus.com/bid/27078/info MilliScripts is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
MilliScripts - 'dir.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27078/info MilliScripts is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...
Makale Scripti - Cross-Site Scripting
source: https://www.securityfocus.com/bid/27067/info Makale Scripti is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...
Makale Scripti - Cross-Site Scripting
Makale Scripti - Cross-Site Scripting source: https://www.securityfocus.com/bid/27067/info Makale Scripti is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser...
NetBizCity FaqMasterFlexPlus - 'faq.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/27051/info FaqMasterFlexPlus is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Limbo CMS 1.0.4 - com_option Cross-Site Scripting
Limbo CMS 1.0.4 - comoption Cross-Site Scripting source: https://www.securityfocus.com/bid/27027/info Limbo CMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
Mambo 4.6.2 - index.php Multiple Cross-Site Scripting Vulnerabilities
Mambo 4.6.2 - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/26922/info Mambo is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
Adobe Flash Player 8.0.34.0/9.0.x - 'main.swf?baseurl' asfunction: Protocol Handler Cross-Site Scripting
source: https://www.securityfocus.com/bid/26949/info Adobe Flash Player is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...
Adobe Flash Player 8.0.34.09.0.x - main.swf?baseurl asfunction: Protocol Handler Cross-Site Scripting
Adobe Flash Player 8.0.34.09.0.x - main.swf?baseurl asfunction: Protocol Handler Cross-Site Scripting source: https://www.securityfocus.com/bid/26949/info Adobe Flash Player is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An...
SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Access Validation / Input Validation
source: https://www.securityfocus.com/bid/26788/info The G/PGP encryption plugin for SquirrelMail is prone to an input-validation vulnerability and an access-validation vulnerability. Attackers can exploit these issues to inject arbitrary script code into public key data or to delete and overwrit...
SquirrelMail GPGP Encryption Plugin 2.02.1 - Access Validation Input Validation
SquirrelMail GPGP Encryption Plugin 2.02.1 - Access Validation Input Validation source: https://www.securityfocus.com/bid/26788/info The G/PGP encryption plugin for SquirrelMail is prone to an input-validation vulnerability and an access-validation vulnerability. Attackers can exploit these issue...
webSPELL 4.1.2 - 'calendar.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/26787/info webSPELL is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
Kayako SupportSuite 3.0.32 - 'PHP_SELF Trigger_Error' Function Cross-Site Scripting
source: https://www.securityfocus.com/bid/26744/info SupportSuite is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...